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Applicant herewith submits to the United States Designated/Elected Office (DO/EO/US) the following items under 35 USC 371: 

8 This is a FIRST submission of items concerning a filing under 35 USC 371. 

□ This is a SECOND or SUBSEQUENT submission of items concerning a filing under 35 USC 371. 

a This express request to begin national examination procedures (35 USC 371 (ft) at any time rather than delay examination 
until the expiration of the applicable time limit set in 35 USC 371(b) and PCT Articles 22 and 39(1). 

ts A proper Demand for International Preliminary Examination was made by the 19th month from the earliest claimed 
priority date. 

h A copy of the International Application as filed 35 USC 371(c)(2). 

a. □ is transmitted herewith (required only if not transmitted by the International Bureau). 

b. h has been transmitted by the International Bureau. 

c. o is not required, as the application was filed in the United States Receiving Office (RO/US). 
i'S. b A translation of the International Application into English (35 USC 371 (c) (2) ) . 

"1. h Amendments to the claims of the International Application under PCT Article 19 (35 USC 371(c)(3)) 

a. □ are transmitted herewith (required only if not transmitted by the International Bureau). 

b. o have been transmitted by the International Bureau. 

c. a have not been made; however, the time limit for making such amendments has NOT expired. 

d. a have not been made and will not be made. 

j| . OA translation of the amendments to the claims under PCT Article 19 (35 USC 371(c)(3)). 

. a An oath or declaration of the inventor(s) (35 USC 371(c)(4)). ( o Executed 0 Unexecuted) 

3. a A translation of the annexes to the International Preliminary Examination Report under PCT Article 36 
(35 USC 371(c)(5)). 

11 to 16 below concern other document(s) or information included: 
I. □ An Information Disclosure Statement under 37 CFR 1.97 and 1.98. 

12. □ An assignment document for recording. A separate cover sheet in compliance with 37 CFR 3.28 and 3.31 is included. 

13. OA FIRST preliminary amendment, 
o A SECOND or SUBSEQUENT preliminary amendment. 

14. o A substitute specification. 

15. oA change of power of attorney and/or address letter, 
a Other items or information: 1 sheet formal drawing 
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Application Number 

10/0. 



International Application Number 
PCT/EP00/07122 



Attorney 's Docket Number 
MODL3003/JEK 



17. The following fees are submitted: 
Bas c National Fee (37 CFR 1.492(a)(l)-(5)): 

Search report has been prepared by the EPO or JPO $890.00 

: International Preliminary Examination Fee paid to USPTO (37 CFR J. 482) $710.00 

: International Preliminary Examination Fee paid to USPTO (37 CFR 1.482) 

but International Search Fee paid to USPTO (37 CFR 1.445(a)(2)) $740.00 

Neither International Preliminary Examination Fee (37 CFR 1.482) nor 

International Search Fee (37 CFR 1.445(a)(2)) paid to USPTO $1040.00 

International Preliminary Examination Fee paid to USPTO (37 CFR 1.482) 

and all claims satisfied provisions of PCT Article 33(l)-(4) $100.00 



PTO USE ONLY 



ENTER APPROPRIATE BASIC FEE AMOUNT 



Surcharge of $130.00 for furnishing the oath or declaration later than o 20 □ 30 
months from the earliest claimed priority date (37 CFR 1.492(e)). 



Number Filed 



Number Extra 



Independent Claims 



Map iple Dependent Claims (if applicable) 



TOTAL OF ABOVE CALCULATIONS 



iction by Vi for filing by small entity, if applicable. Small Entity Status is 
ted pursuant to 37 CFR 1 .27 for this application. 



Prppessing fee of $130.00 for furnishing the English translation later than o 20 □ 30 
moiihs from the earliest claimed priority date (37 CFR 1.492(f)). 



TOTAL NATIONAL FEE 



Fee for recording the enclosed assignment (37 CFR 1.21(h)). The assignment must be 
accompanied by an appropriate cover sheet (37 CFR 3.28, 3.31). $40.00 per property. 



TOTAL FEES ENCLOSED 



Amount to be: 



Refunded: 



Charged: 



a A check in the amount of $1,170.00 



_ to cover the fees is enclosed. 



_ to cover the above fees. 



b. □ Please charge my Deposit Account Number 02-0200 in the amount of _$_ 

A duplicate copy of this sheet is enclosed. 

c. a The Commissioner is hereby authorized to charge any additional fees which may be required, or credit any 

overpayment to Deposit Account Number 02-0200. A duplicate copy of this sheet is enclosed. 
Where an appropriate time limit under 37 CFR 1.494 or 1.495 has not been met, a petition to revive (37 CFR 1.137(a) or 
(b)) must be filed and granted to restore the application to pending status. 



Respectfully submitted, 



Customer 23364 

BACON & THOMAS, PLLC 

625 SLATERS LANE - FOURTH FLOOR 
ALEXANDRIA, VIRGINIA 223124-1176 
(703) 683-0500 

DATE: 30 January 2002 
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Method, data carrier and system for authenticating a u ser and a terminal 

The present invention relates in general to authentication for the use of data 
carriers such as smart cards and the like, and in particular to an authentication method, 
a data carrier and an authentication system comprising a data carrier and a terminal. 

To prove that a user is actually entitled or authorized to use a smart card or 
magnetic stripe card, an individual secret number, for example a so-called PIN 
(personal identification number) is customarily used. The PIN is stored on the card 
and, after the card has been introduced into a terminal, compared with the PIN entered 
in the terminal by the user. If comparison is positive the terminal can e.g. access 
protected areas of the smart card, for example memory areas. 

The use of PINs is problematic because the card can be used by anyone with 
knowledge of the PIN. The card is thus not bound to the actual card holder but to the 
PIN holder. Voluntary or involuntary transmission of the PIN thus makes it possible to 
abuse the card. PINs are also unsafe insofar as they can be forgotten, on the one hand, 
and spied out, on the other hand. 

Even when an authorized user has identified himself by entering his PIN, the 
system is only partially authorized - that is, the user with respect to the card and to the 
terminal. There is no authorization of the terminal with respect to the card or to the 
user. If the terminal is fake there is a danger of the PIN being spied out by the fake 
terminal. The PIN alone therefore does not constitute sufficient protection because 
there is no authentication of the terminal with respect to the card or to the user. 

US 5,239,166 discloses a system for safe data exchange comprising a card and a 
terminal. In the known system the card and the terminal check each other. The user of 
the card is checked by means of biometric features, e.g. a fingerprint. 

US 5,208,447 discloses a method for checking terminals with a smart card 
wherein a password stored in the smart card is transmitted to the terminal in both 
encrypted and unencrypted form. The encrypted password is decrypted in the terminal 
and compared with the password transmitted in unencrypted form. If the decrypted 
password matches the unencrypted password, the terminal is authorized. 
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The present invention is based on the problem of making the authentication 
process safer. In particular, the problem underlying the invention is to propose an 
authentication method, an authentication system comprising data carrier and terminal, 
and a data carrier for authenticating both the user and the terminal, thereby permitting 
the user's individual authorization and the authenticity of the terminal to be checked. 

This problem is solved according to the invention by an authentication method, a 
data carrier and an authentication system according to the independent claims. 

The subclaims state advantageous embodiments of the invention. 

The inventive solution is based on the idea that the authentication process can be 
made safer if the authenticity of the terminal is first checked and the terminal is then 
presented with biometric data of the user. Biometric data, such as a fingerprint or the 
like, are clearly user-specific, unlike a PIN. The prior check of the terminal's 
authenticity guarantees that the sensitive, user-specific biometric data cannot be spied 
out. The terminal's authenticity is checked by a secret code permanently stored on the 
data carrier and known only to the user being read by the terminal and displayed to the 
user. Only if the secret code is displayed correctly does the user present the biometric 
feature to the terminal to identify himself as an authorized user to the terminal and the 
data carrier. The secret code can be stored on the data carrier on a memory location 
that can be accessed only by authorized terminals and/or be decrypted correctly only by 
an authorized terminal. 

After the terminal has been authenticated, user-unique authentication with respect 
to the data carrier and to the terminal is obtained by presentation of the user-specific 
biometric feature and comparison of the data detected from the biometric feature with 
biometric data stored on the data carrier, in contrast to PIN comparison. 

In addition to biometric authentication of the user, a PIN authentication of the 
user can be effected by entry of a PIN and comparison of the entered PIN with the PIN 
stored on the data carrier. 

The invention will be set forth in the following by way of example with reference 
to the single figure. 

The authentication process shown in the figure includes three steps, of which the 
second step can be omitted. 
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In the first step, terminal Treads a secret code (CODE) from a first memory area 
of data carrier C, for example a smart card, and presents said CODE to user U. CODE 
is stored on smart card C for example on a protected-access memory location and/or in 
encrypted form, so that CODE can only be read and displayed to user U by "real" 
terminal T which either has access authority or knows the decryption algorithm. 

If user U recognizes CODE read by terminal T as his secret code, he will perform 
the further authentication steps. In the shown case, he will first enter his PIN in 
terminal T. The PIN is then transmitted, preferably in encrypted form, to smart card C 
where it is decrypted and compared with a PIN stored on smart card C, and the result 
of comparison is then reported to terminal T. The data transfer, in particular the 
transfer of CODE, the PIN and biometric data BIO to be described below, is preferably 
effected in encrypted form in order to protect said sensitive data from being spied out. 

If the PIN comparison was positive ("OK"), terminal T continues the 
authentication process by now effecting the user-unique authentication by means of the 
user's biometric features. The user presents terminal T with a biometric feature, for 
example a fingerprint or the iris of an eye. The biometric feature is detected by 
terminal T and converted into biometric data BIO which are transmitted, preferably in 
encrypted form, to smart card C. There, the user's read biometric data are compared 
with biometric data stored on smart card C. In the case of a positive comparison 
("OK"), terminal Tis enabled for the entry of further user commands. 
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Claims 

1 . A method for authenticating a user (U) of a data carrier (Q for authorized use of 
the data carrier and for authenticating a data carrier terminal (T) for authorized 
accessing by the data carrier terminal of memory areas of the data carrier, 
comprising the following steps: 

- reading a secret code (CODE) from the data carrier (Q by the data carrier 
terminal (T), whereby the secret code (CODE) is stored on a memory location 
that can be accessed only by authorized data terminals (7) and/or can be 
decrypted correctly only by an authorized data terminal (T). 

- presenting the read secret code (CODE) to the user (U), 

- presenting a biometric feature (BIO) of a user (U), 

- comparing the presented biometric feature (BIO) with a biometric feature 
stored on the data carrier (C). 

2. A method according to claim 1 , characterized in that a PIN is in addition 
presented to the terminal (T), being compared with a PIN stored on the data 
carrier (C). 

3. A method according to claim 1 or 2, characterized in that a fingerprint of a user 
(U) is used as the biometric feature (BIO). 

4. A data carrier (Q for authenticating a terminal with respect to a user and the user 
with respect to the data carrier, comprising a first memory area in which a secret 
code (CODE) is stored such that the secret code can be read and/or decrypted and 
displayed by an authorized data carrier terminal (7), and a second memory area in 
which data are stored which serve to authenticate the user with respect to the 
terminal. 

5. A data carrier according to claim 4, characterized in that a PIN is stored in a third 
memory area. 

6. A data carrier according to either of claims 4 and 5, characterized in that the 
biometric data are generated by a fingerprint. 



AMENDED SHEET 



-5- 



ART34AMOT 



7. An authentication system comprising a data carrier (Q with memory areas and a 
data carrier terminal (T) for accessing the memory areas of the data carrier, 
characterized in that 

- the data carrier (Q has a first memory area for storing a secret code (CODE) 
and a second memory area for storing biometric data, 

- the data carrier terminal (T) has a first device which is authorized for reading 
the secret code (CODE) from the first memory area and/or for decrypting the 
read secret code (CODE) and for presenting the read secret code on a display, 
and a second device for reading biometric data (BIO), and 

- a device for comparing the read biometric data (BIO) with biometric data 
stored in the second memory area in the data carrier (Q and/or in the terminal 
CO- 

8. An authentication system according to claim 7, characterized in that the data 
carrier (Q has a third memory area for storing a PIN. 

9. An authentication system according to claim 7 or 8, characterized in that the 
stored biometric data are generated by a fingerprint. 
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(57) Abstract: The invention relates to the use of data carriers such as chip cards C or similar. According to the invention, the 
terminal T which processes the chip card C first authenticates itself in relation to the user U and said user U subsequendy authenticates 
him or herself in relation to the data carrier C or the terminal T. The authentication of the terminal in relation to the user U takes 
place by the readout of a CODE from the data carrier C and by the presentation of said readout CODE to the user U, who classifies 
this CODE as correct or incorrect If the terminal T has presented a correct CODE, the user U authenticates himself in relation to 
the chip card C or the terrninal T by presenting a biometric characteristic BIO, for example his or her fingerprint This procedure 
ensures that the biometric characteristic BIO of the user U cannot be intercepted by a counterfeit terminal T. 
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Declaration for Vj^^t Application and Appointi^t of Attorney 

As a below named inventor, I hereby Ware that my residence, post office address and citizenship are as stated below next to my 
■■ I believe that I am the original, first and sole inventor (if only one name is listed below) or an original, first and joint inventor (if plural 
names are listed below) of the subject matter which is claimed and for which a patent is sought on the invention (Design, if applicable) entitled: 
METHOD, DATA CARRIER AND SYSTEM FOR AUTHENTICATING A USER AND A TERMINAL 
the specification of which (check one): 

□ is attached hereto, or G3 washed on: 25 July 2000 / as U.S. Application Number or PCT International 

Application Number: (PCT/EP00/07122) 10/030,162 and (if applicable) was amended on: 

I hereby state that I have reviewed and understand the contents of the above-identified specification, including the claims, as amended by any 
arriendmentfs) referred to above. I acknowledge the duty to disclose information which is material to patentability as defined m Title 37, Code 
of Federal Regulations, §1 56. I hereby claim foreign priority benefits under Title 35, United States Code §119 of any foreign .applications) for 
patent or inventor's certificate listed below and have also identified below any foreign application for patent or inventor s certificate having a 
filing date beforethat of the application on which priority is claimed. 
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□ Additional Provisional Application(s) Listed on Following Page(s) 
I hereby claim the benefit under Title 35, United States Code, §120 of any United States application(s) or PCT international 
"application^) designating The United States of America listed below and, insofar as the subject matter of each of the claims of this application is 
Q* disclosed in that/those prior application(s) in the manner provided by the first paragraph of Title 35, United States Code §112 I acknowledge 
Je duty to disclose information which is material to patentability as defined in Title 37, Code of Federal Regulations, §1-56 which became 
'av ailable between the filing date of the prior application ^ and the national or PCT international filing date of this apphc^— 



Application Number 



Filing Date 



Status - Patented, Pending or 
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□ Additional US/PCT Priority Application(s) listed on Following Page(s) 
I hereby declare that all statements made herein of my own knowledge are true and that all statements made on information and belief 
a . believed to be true; and further that these statements were made with the knowledge that willful false statements and the like so made are 
punishable by fine or imprisonment, or both, under section 1001 of title 18 of the United States Code and that such willful false statements may 
jeopardize the validity of the application or any patent issued thereon. 

POWER OF ATTORNEY: I (We) hereby appoint as my (our) attorneys, with full powers of substitution and revocation, to prosecute 
application and transact all business in the Patent and Trademark Office connected therewith: J. Ernest Kenney, Reg.. No. 19,179- Eugene 
-, Reg Nr. 7.5 M\. Richard E. Fichter, Reg. No. 26.382: T homas J. Moore. Reg. No. 28,974; Joseph DeBenedictis, Rg g . No. 2&,£Q2i 
Benjamin E. Urcia, Reg. No. 33,805; a nd 

we) authorize my(our) attorneys to accept and follow instructions from Klnnkrr. Schmitt-Nilson. Hirsch regarding any matter related 

' the preparation, examination, grant and maintenance of this application, any continuation, continuation-m-part or divisional based thereon, and 
y patent resulting therefrom, until I(we) or my(our) assigns withdraw this authorization m writing. 
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